package com.example.warehouseplus.controller;


import org.springframework.http.HttpStatus;
import org.springframework.http.server.reactive.ServerHttpResponse;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.security.core.Authentication;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.ResponseBody;
import org.springframework.web.bind.annotation.RestController;
import reactor.core.publisher.Mono;

import java.security.Principal;
import java.util.HashMap;
import java.util.Map;

@RestController
public class UserController {
	/**
	 * 不限制用户访问（需登录）
	 * @return
	 */
	@RequestMapping("/getUser")
	@ResponseBody
	public Mono<String> getUser(){
		return Mono.just("getUser");
	}

	/**
	 * 普通用户访问
	 * post
	 * @return
	 */
	@PreAuthorize("hasRole('USER')")
	@RequestMapping(value = "/user", method = {RequestMethod.GET,RequestMethod.POST})
	@ResponseBody
	public Mono<String> user(Principal principal){
		System.out.println(principal.getName());
		return Mono.just("hello "+principal.getName());
	}

	/**
	 * 超管用户访问
	 * @return
	 */
//    @PreAuthorize("hasPermission('ROLE_ADMIN')")
//    @Secured("ROLE_ADMIN")
	@PreAuthorize("hasRole('ADMIN')")
	@RequestMapping(value = "/admin", method = {RequestMethod.GET, RequestMethod.POST})
	@ResponseBody
	public Mono<String> admin(Principal principal, Authentication authentication){
		System.out.println(authentication.getAuthorities());
		System.out.println(principal.getName());
		return Mono.just("admin "+principal.getName());
	}

	@RequestMapping(value = "/login", method = {RequestMethod.GET,RequestMethod.POST})
	@ResponseBody
	public Mono<Object> login(ServerHttpResponse response){
		Map<String, String> responseMap = new HashMap<>();
		responseMap.put("code", "failure");
		responseMap.put("msg", "您还未登录");
		response.setStatusCode(HttpStatus.UNAUTHORIZED);
		return Mono.just(responseMap);
	}

}
